Windows Antivirus Exclusions Enumeration
This module will enumerate the file, directory, process and extension-based exclusions from supported AV products, which currently includes Microsoft Defender, Microsoft Security Essentials/Antimalware, and Symantec Endpoint Protection.
Module Name
post/windows/gather/enum_av_excluded
msf > use post/windows/gather/enum_av_excluded
msf post(enum_av_excluded) > sessions
...sessions...
msf post(enum_av_excluded) > set SESSION <session-id>
msf post(enum_av_excluded) > show options
...show and set options...
msf post(enum_av_excluded) > run
No comments:
Post a Comment